Checking sshd immediately after installing CentOS Stream 8 shows that it is not recommended for high security systems The encryption method and hash function are also set to be available. So, make a note of the procedure when you disabled them.
Unlike the time of CentOS7, the setting is not reflected just by describing it in sshd_config. The setting method seems to be roughly the following two
It seems easier to do it in 2, but ... For the time being, I will try both.
** This setting affects many services. ** ** Check the target service with man update-crypto-policies. When I confirmed it on 2021/1/3, the following items were targeted. GnuTLS library,OpenSSL library,NSS library,OpenJDK,Libkrb5,BIND,OpenSSH,Libreswan,libssh
[user01@centos8st ~]$ sudo cp /usr/share/crypto-policies/policies/FUTURE.pol ¥
/usr/share/crypto-policies/policies/MYPOLICY.pol
[sudo]password for user01:
[user01@centos8st ~]$
Removed CBC related from cipher
[user01@centos8st ~]$ sudo vi /usr/share/crypto-policies/policies/MYPOLICY.pol
# A level that will provide security on a conservative level that is
# believed to withstand any near-term future attacks. And also provide
# some (not complete) preparation for post quantum encryption support
# in form of 256 bit symmetric encryption requirement.
# It provides at least an 128-bit security. This level may prevent
# communication with many used systems that provide weaker security levels
# (e.g., systems that use SHA-1 as signature algorithm).
# MACs: all HMAC with SHA256 or better + all modern MACs (Poly1305 etc)
# Curves: all prime >= 255 bits (including Bernstein curves)
# Signature algorithms: with SHA-256 hash or better (no DSA)
# TLS Ciphers: >= 256-bit key, >= 128-bit block, only Authenticated Encryption (AE) ciphers
# non-TLS Ciphers: same as TLS Ciphers with added non AE ciphers and Camellia
# key exchange: ECDHE, DHE (no DHE-DSS)
# DH params size: >= 3072
# RSA params size: >= 3072
# TLS protocols: TLS >= 1.2, DTLS >= 1.2
mac = AEAD HMAC-SHA2-256 UMAC-128 HMAC-SHA2-384 HMAC-SHA2-512
group = X25519 X448 SECP256R1 SECP384R1 SECP521R1 \
FFDHE-3072 FFDHE-4096 FFDHE-6144 FFDHE-8192
hash = SHA2-256 SHA2-384 SHA2-512 SHA3-256 SHA3-384 SHA3-512
sign = ECDSA-SHA3-256 ECDSA-SHA2-256 \
ECDSA-SHA3-384 ECDSA-SHA2-384 \
ECDSA-SHA3-512 ECDSA-SHA2-512 \
EDDSA-ED25519 EDDSA-ED448 \
RSA-PSS-SHA2-256 RSA-PSS-SHA2-384 RSA-PSS-SHA2-512 \
RSA-SHA3-256 RSA-SHA2-256 \
RSA-SHA3-384 RSA-SHA2-384 \
RSA-SHA3-512 RSA-SHA2-512
tls_cipher = AES-256-GCM AES-256-CCM CHACHA20-POLY1305
cipher = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 CAMELLIA-256-GCM \
AES-256-CTR
key_exchange = ECDHE DHE DHE-RSA PSK DHE-PSK ECDHE-PSK ECDHE-GSS DHE-GSS
protocol = TLS1.3 TLS1.2 DTLS1.2
ike_protocol = IKEv2
min_tls_version = TLS1.2
min_dtls_version = DTLS1.2
# Parameter sizes
min_dh_size = 3072
min_dsa_size = 3072
min_rsa_size = 3072
# GnuTLS only for now
sha1_in_certs = 0
arbitrary_dh_groups = 1
ssh_certs = 1
ssh_etm = 1
[user01@centos8st ~]$
[user01@centos8st ~]$ sudo update-crypto-policies --set MYPOLICY
Setting system policy to MYPOLICY
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.
[user01@centos8st ~]$ sudo systemctl restart sshd
I checked it with nmap from the outside.
user01@kali:~$ nmap -p 22 192.168.1.122 -Pn --script ssh2-enum-algos.nse
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2020-12-30 17:48 JST
Nmap scan report for 192.168.1.122
Host is up (0.00091s latency).
PORT STATE SERVICE
22/tcp open ssh
| ssh2-enum-algos:
| kex_algorithms: (11)
| curve25519-sha256
| [email protected]
| ecdh-sha2-nistp256
| ecdh-sha2-nistp384
| ecdh-sha2-nistp521
| diffie-hellman-group-exchange-sha256
| diffie-hellman-group14-sha256
| diffie-hellman-group16-sha512
| diffie-hellman-group18-sha512
| diffie-hellman-group-exchange-sha1
| diffie-hellman-group14-sha1
| server_host_key_algorithms: (5)
| rsa-sha2-512
| rsa-sha2-256
| ssh-rsa
| ecdsa-sha2-nistp256
| ssh-ed25519
| encryption_algorithms: (7)
| [email protected]
| [email protected]
| aes256-ctr
| aes256-cbc
| [email protected]
| aes128-ctr
| aes128-cbc
| mac_algorithms: (8)
| [email protected]
| [email protected]
| [email protected]
| [email protected]
| hmac-sha2-256
| hmac-sha1
| [email protected]
| hmac-sha2-512
| compression_algorithms: (2)
| none
|_ [email protected]
Nmap done: 1 IP address (1 host up) scanned in 0.24 seconds
user01@kali:~$
CBC/SHA1-related cryptography/hash algorithms have been eliminated.
user01@kali:~$ nmap -p 22 192.168.1.122 -Pn -sV --script ssh2-enum-algos.nse
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2021-01-03 15:44 JST
Nmap scan report for 192.168.1.122
Host is up (0.00063s latency).
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.0 (protocol 2.0)
| ssh2-enum-algos:
| kex_algorithms: (8)
| curve25519-sha256
| [email protected]
| ecdh-sha2-nistp256
| ecdh-sha2-nistp384
| ecdh-sha2-nistp521
| diffie-hellman-group-exchange-sha256
| diffie-hellman-group16-sha512
| diffie-hellman-group18-sha512
| server_host_key_algorithms: (4)
| rsa-sha2-512
| rsa-sha2-256
| ecdsa-sha2-nistp256
| ssh-ed25519
| encryption_algorithms: (3)
| [email protected]
| [email protected]
| aes256-ctr
| mac_algorithms: (6)
| [email protected]
| [email protected]
| [email protected]
| hmac-sha2-256
| [email protected]
| hmac-sha2-512
| compression_algorithms: (2)
| none
|_ [email protected]
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.35 seconds
user01@kali:~$
** Setting flow **
If you are using crypto-policies, you can check it with the ps command because the encryption method / hash algorithm etc. are set as command line options when the daemon is started. Based on the value obtained here, set by excluding unnecessary encryption methods / hash algorithms.
[user01@centos8st ~]$ ps -ef|grep sshd
root 4679 1 0 15:23 ? 00:00:00 /usr/sbin/sshd -D [email protected],[email protected],aes256-ctr,aes256-cbc,[email protected],aes128-ctr,aes128-cbc [email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha1,[email protected],hmac-sha2-512 -oGSSAPIKexAlgorithms=gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1- -oKexAlgorithms=curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1 -oHostKeyAlgorithms=ecdsa-sha2-nistp256,[email protected],ecdsa-sha2-nistp384,[email protected],ecdsa-sha2-nistp521,[email protected],ssh-ed25519,[email protected],rsa-sha2-256,[email protected],rsa-sha2-512,[email protected],ssh-rsa,[email protected] -oPubkeyAcceptedKeyTypes=ecdsa-sha2-nistp256,[email protected],ecdsa-sha2-nistp384,[email protected],ecdsa-sha2-nistp521,[email protected],ssh-ed25519,[email protected],rsa-sha2-256,[email protected],rsa-sha2-512,[email protected],ssh-rsa,[email protected] -oCASignatureAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-256,rsa-sha2-512,ssh-rsa
[user01@centos8st ~]$
You can disable CRYPTO_POLICY that is set when the daemon starts by uncommenting it and declaring the variable in the empty state. In this example, the description on line 18 is so.
[user01@centos8st ~]$ sudo vi /etc/sysconfig/sshd
15 # System-wide crypto policy:
16 # To opt-out, uncomment the following line
17 # CRYPTO_POLICY=
18 CRYPTO_POLICY=
[user01@centos8st ~]$
The settings on lines 34 and 35 have been added based on the value obtained by the ps command with unnecessary items removed.
[user01@centos8st ~]$ sudo vi /etc/ssh/sshd_config
29 # This system is following system-wide crypto policy. The changes to
30 # crypto properties (Ciphers, MACs, ...) will not have any effect here.
31 # They will be overridden by command-line options passed to the server
32 # on command line.
33 # Please, check manual pages for update-crypto-policies(8) and sshd_config(5).
34 [email protected],[email protected],aes256-ctr,[email protected],aes128-ctr
35 [email protected],[email protected],[email protected],hmac-sha2-256,[email protected],hmac-sha2-512
[user01@centos8st ~]$ sudo systemctl restart sshd
user01@kali:~$ nmap -p 22 192.168.1.122 -Pn --script ssh2-enum-algos.nse
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2020-12-30 23:12 JST
Nmap scan report for 192.168.1.122
Host is up (0.00051s latency).
PORT STATE SERVICE
22/tcp open ssh
| ssh2-enum-algos:
| kex_algorithms: (10)
| curve25519-sha256
| [email protected]
| ecdh-sha2-nistp256
| ecdh-sha2-nistp384
| ecdh-sha2-nistp521
| diffie-hellman-group-exchange-sha256
| diffie-hellman-group16-sha512
| diffie-hellman-group18-sha512
| diffie-hellman-group14-sha256
| diffie-hellman-group14-sha1
| server_host_key_algorithms: (5)
| rsa-sha2-512
| rsa-sha2-256
| ssh-rsa
| ecdsa-sha2-nistp256
| ssh-ed25519
| encryption_algorithms: (5)
| [email protected]
| [email protected]
| aes256-ctr
| [email protected]
| aes128-ctr
| mac_algorithms: (6)
| [email protected]
| [email protected]
| [email protected]
| hmac-sha2-256
| [email protected]
| hmac-sha2-512
| compression_algorithms: (2)
| none
|_ [email protected]
Nmap done: 1 IP address (1 host up) scanned in 0.21 seconds
user01@kali:~$
Since ssh connection as root is allowed, let's disable it. Set PermitRootLogin to no.
[user01@centos8st ~]$ sudo vi /etc/ssh/sshd_config
42 # Authentication:
43
44 #LoginGraceTime 2m
45 PermitRootLogin no
46 #StrictModes yes
47 #MaxAuthTries 6
48 #MaxSessions 10
[user01@centos8st ~]$ sudo systemctl restart sshd
[user01@centos8st ~]$ ssh root@localhost
root@localhost's password:
Permission denied, please try again.
root@localhost's password:
reference: Akahat Engineer Blog How to customize crypto policies in RHEL 8.2